Dynamic VPN problem on SRX240lm

ControlZNetwork · ‎03-03-2010

Hello,

I have a problem with the configuration of a srx240lm.
If the customer is in another internal network connects to the DynamicVPN correctly. If I try to connect from a PC on the Internet, Juniper Networks Access Manager is not just connected with Juniper, I accept the certificate and enter the username, then stays in Connecting to server ..
What is the problem?

thanks

groque1 · ‎09-09-2009

Try restarting web managment thats what I would do and check the dyn VPN config for that user. Make sure you have an ACL for that user from the untrust-to-trust zone and specifying the user to be tunneled through

ControlZNetwork · ‎03-03-2010

hello, I try your solution but has not been settled

my error is: Xauth succeeds but the connection is never established

I Verify the IKE and IPSec SA and tunnel sessions are established.
root @ SRX240 # run show security ike security-associations
Index Remote Address State Initiator coockie Responder cookie Mode

IP pc Internet DOWN Aggressive

thanks

rkim · ‎11-06-2007

IKE shows as down. Do you see any output from 'show security ipsec security-associations'? Also check your kmd log to see if there are any error messages there. It may also help to post your VPN configurations for review.

-Richard

ControlZNetwork · ‎03-03-2010

Hello rkim!

the complete configuration of Dynamic-VPn is here.

http://blog.controlzeta.net/?p=440

and in this post I have placed a network scheme

thanks

Dynamic VPN problem on SRX240lm

Re: Dynamic VPN problem on SRX240lm

Re: Dynamic VPN problem on SRX240lm

Re: Dynamic VPN problem on SRX240lm

Re: Dynamic VPN problem on SRX240lm